<?php
$md5pass = md5(''.$_POST[password].'');
$result = mysql_query("SELECT * FROM users WHERE email = '".$_POST[email]."' AND password = '".$md5pass."'");
while($row = mysql_fetch_assoc($result)){
	$_SESSION[user.online] = "1";
	$_SESSION[user.email] = $row[email];
	$_SESSION[user.name] = $row[name];
	$_SESSION[user.surname] = $row[surname];
}
if($_POST[email] == $_SESSION[user.email]){echo '<meta http-equiv="refresh" content="0;URL=home" />';}else{echo '<meta http-equiv="refresh" content="0;URL=loginfail" />';}
?>